Governance Risk and Compliance (GRC) Compliance Specialist

Jeppesen ForeFlight is seeking a Governance, Risk, and Compliance (GRC) Specialist to drive the operational execution of our risk and control program.

Requirements

• Bachelor’s degree or equivalent experience in a technical field
• 5+ years in GRC, risk management, IT audit, or security compliance
• Demonstrated experience applying NIST 800-53 or equivalent DoD cybersecurity controls
• Working knowledge of additional frameworks (ISO 27001, SOC 2, NIS2, COBIT, or similar)
• Hands-on experience administering a GRC or compliance automation platform
• Comfort with scripting or API integrations for evidence automation, control monitoring, and reporting
• Familiarity with cloud environments (AWS, GCP, or Azure) and how IAM, logging, and configuration management map to compliance requirements
• Experience with vulnerability management, patch management, or system hardening
• Strong written communication, able to translate control language for engineers and engineering language for auditors
• Demonstrated bias toward automation and repeatable systems over manual, periodic effort
• Problem solver with a desire to see problems as challenges to be resolved

Benefits

• Medical, dental, vision insurance with Employer paid health premiums
• Open PTO Policy
• 401(k) with up to 10% company matching and immediate vesting
• 12 Weeks Paid Maternity Leave
• 4 Weeks Paid Paternity Leave
• Flight Training Rewards